Tenable

FEBRUARY 23, 2024

Plus, there’s a new generative AI governance checklist for tech and business leaders. And the White House seeks to boost ports' cybersecurity. This week, cybersecurity agencies from multiple countries, led by the Cyber Division of the U.K.’s Check out how cyber agencies from multiple countries hit the LockBit ransomware group.

Artificial Inteligence 67

Artificial Inteligence Artificial Intelligence Generative AI ChatGPT 67

Tenable

MARCH 8, 2024

Plus, a survey shows how artificial intelligence is impacting cybersecurity jobs. That’s according to ISC2’s survey “AI in Cyber 2024: Is the Cybersecurity Profession Ready?”, based on a poll of 1,123 cybersecurity pros. Source: “AI in Cyber 2024: Is the Cybersecurity Profession Ready?” And much more!

Infrastructure 115

Infrastructure Report Software Review Artificial Intelligence 115

Tenable

OCTOBER 21, 2022

21 | The problem with Gen Zers and Millennials | Global shortage of cybersecurity pros worsens | An informal poll about attack surface growth | Password usage drops a bit | And much more! This may sound counterintuitive but employees between ages 18 and 41 tend to be less careful regarding cybersecurity.

Technical Review 98

Technical Review Authentication Survey Government 98

Tenable

SEPTEMBER 15, 2023

Tasked with securing your org’s new AI systems? Plus, open source security experts huddled at a conference this week – find out what they talked about. That’s the topic of the paper “ Securing AI: Similar or Different? published by Google’s Cybersecurity Action Team. ” published by Google’s Cybersecurity Action Team.

Open Source 113

Open Source Systems Review System Software Review 113

Tenable

JANUARY 12, 2024

Check out expert recommendations for deploying AI tools securely. 1 - How to ensure AI helps, not hurts, cybersecurity How can organizations use artificial intelligence (AI) in a way that’s safe and that benefits cybersecurity? In addition, cyber insurance demand is forecast to grow robustly. And much more!

Systems Review 72

Systems Review System Technical Review Development Team Review 72

Tenable

MARCH 1, 2024

Check out what’s new in NIST’s makeover of its Cybersecurity Framework. Also, how to assess the cybersecurity capabilities of a generative AI LLM. 1 - NIST’s Cybersecurity Framework 2.0 1 - NIST’s Cybersecurity Framework 2.0 The Cybersecurity Framework at 10.and And the most prevalent malware in Q4. And much more!

Artificial Inteligence 74

Artificial Inteligence Malware Generative AI Government 74

Tenable

NOVEMBER 24, 2023

Uncle Sam wants your input on the latest version of the “Secure Software Development Attestation Form” that federal agencies will use to assess the security of software vendors. government will evaluate the security practices of its software vendors – and offer your two cents. And much more!

Software Review 71

Software Review Software Insurance Software Development 71

Tenable

FEBRUARY 16, 2024

Plus, JCDC will put special focus on critical infrastructure security in 2024. Meanwhile, CISA and OpenSSF shine a spotlight on the security of software package repositories. has promise, there are clear limitations,” Mark Sherman, one of the researchers, wrote in the blog post “ Using ChatGPT to Analyze Your Code?

ChatGPT 71

ChatGPT Software Review Analysis Infrastructure 71

Tenable

MAY 24, 2024

government is urging water plants to boost their cybersecurity in accordance with federal law, as hackers increasingly target these critical infrastructure organizations. water systems don’t fully comply with the cybersecurity requirements of the Safe Drinking Water Act, according to recent inspections by the U.S.

Open Source 60

Open Source Malware Software Guidelines 60

Tenable

MAY 10, 2024

Is the software your company wants to buy securely designed? Plus, a survey shows a big disconnect between AI usage (high) and AI governance (low). 1 - How to assess if a tech product is secure by design Buying a securely designed digital product can lower your risk of breaches, simplify cyber defense efforts and reduce costs.

Software Review 65

Software Review Weak Development Team Generative AI Software 65

Tenable

JUNE 2, 2023

Plus, find out why securing identities is getting harder than ever – and how to fix it. Also, how a cloud security framework can help you – a lot. In addition, check out nifty SaaS security tips. Check out a hair-raising warning from AI experts. And much more!

Security 52

Security Technical Review ChatGPT Cloud 52

Tenable

SEPTEMBER 16, 2022

16 | How cybersecurity excellence boosts business | CISOs on a vendor-consolidation campaign | A quick check on converged OT/IT cybersecurity | Guides to help developers beef up on security | And much more! Top-notch cybersecurity yields business gains. Cybersecurity. For more information, read the McKinsey & Co.

Security 98

Security Survey Open Source .Net 98

Tenable

MARCH 24, 2023

Learn about a new guide packed with best practices recommendations to improve IAM systems security. Plus, cybersecurity ranks as top criteria for software buyers. 1 - Best practices to boost IAM security from CISA and NSA Feel like your organization could boost the security of its identity and access management (IAM) systems?

Security 52

Security ChatGPT Transportation Software Review 52

Tenable

OCTOBER 20, 2023

Plus, check out a guide packed with anti-phishing tips, and another one full of IAM security best practices. Also, discover the skills that cybersecurity recruiters value the most. 1 - Study: CISOs bet on GenAI, integrated cybersecurity suites In: Defensive generative AI technology and integrated cybersecurity suites.

Generative AI 72

Generative AI Authentication Survey Malware 72

The Parallax

OCTOBER 29, 2020

Clichéd as the concept of a perfect storm is, the term feels like an appropriate way to describe the cybersecurity challenges U.S. READ MORE ON ELECTION SECURITY. How experts plan to secure the 2020 election. Open source the secret sauce in secure, affordable voting tech. Experts disagree on how to secure absentee votes.

Nonprofit 246

Nonprofit Journal Media Open Source 246

Tenable

NOVEMBER 4, 2022

Get the latest on salary trends for CISOs and cybersecurity pros; CISA’s call for adopting phishing-resistant MFA; the White House’s ransomware summit; and more! and Canada improved this year compared with 2021 as employers paid up to retain their cybersecurity chiefs amidst a shortage of qualified candidates for these jobs.

Trends 103

Trends Authentication Recruiting Banking 103

Tenable

SEPTEMBER 29, 2023

After double-digit growth in the past two years, cybersecurity budgets expanded more modestly in 2023. 1 - Cybersecurity budgets grow, but less than in years past Cybersecurity teams on average saw an increase in their 2023 budgets, but the bump was much smaller than in previous years, as organizations across the board reined in IT spending.

Budget 79

Budget Hardware Weak Development Team Software Review 79

Tenable

MAY 3, 2024

“While the adoption of artificial intelligence to gain access to valuable corporate assets is a concern on the horizon, a failure to patch basic vulnerabilities has threat actors not needing to advance their approach,” Chris Novak, Verizon’s Senior Director of Cybersecurity Consulting said in a statement this week. 1, 2022 to Oct.

Infrastructure 71

Infrastructure Programming Conference Fractional VPE 71

Tenable

JANUARY 10, 2024

Two zero-day vulnerabilities in Ivanti Connect Secure and Ivanti Policy Secure have been exploited in the wild, with at least one attack attributed to nation-state actors. Background On January 10, Ivanti released a security advisory for two zero-day vulnerabilities that were exploited in-the-wild in limited, targeted attacks.

Policies 72

Policies Authentication Analysis Network 72

Tenable

NOVEMBER 25, 2022

Get the latest on the Hive RaaS threat; the importance of metrics and risk analysis; cloud security’s top threats; supply chain security advice for software buyers; and more! . Understanding the Ransomware Ecosystem: From Screen Lockers to Multimillion-Dollar Criminal Enterprise ” (Tenable blog). What would this look like?

Metrics 52

Metrics Cloud Backup Software Review 52

Palo Alto Networks

APRIL 6, 2020

In response, the United States Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency ( CISA) has issued cybersecurity guidance in relation to teleworking. Remote Workforce Security Requirements. Implement Multi-Factor Authentication (MFA) on all VPN connections to increase security.

Security 53

Security Government Meeting Company 53

Tenable

JULY 14, 2023

government for defending CI/CD pipelines. 1 – CISA and NSA issue CI/CD defense guidance Looking for recommendations and best practices to improve the security of your continuous integration / continuous delivery (CI/CD) pipelines? Learn about the guidance from the U.S. Plus, check out the 25 most dangerous software weaknesses.

Weak Development Team 52

Weak Development Team Software Review Software Technical Review 52

Tenable

FEBRUARY 9, 2024

Fortinet warns of “potentially” exploited flaw in the SSL VPN functionality of FortiOS, as government agencies warn of pre-positioning by Chinese state-sponsored threat actors in U.S. and international agencies.

Malware 122

Malware Authentication Infrastructure Analysis 122

Cloudera

SEPTEMBER 27, 2023

As data ecosystems evolve security becomes a paramount concern, especially within the realm of private cloud environments. release , the journey towards a more secure data ecosystem continues — one where businesses can unlock the full potential of their data with peace of mind. How does this release elevate security?

Data 87

Data Authentication Compliance Operating System 87

Tenable

JUNE 9, 2023

Find out why cyber teams must get hip to AI security ASAP. Plus, the latest trends on SaaS security. 1 – Forrester: You must defend AI models starting “yesterday” Add another item to cybersecurity teams’ packed list of assets to secure: AI models. Plus, check out the top risks of ChatGPT-like LLMs. And much more!

Artificial Inteligence 52

Artificial Inteligence ChatGPT How To Software Review 52

Tenable

SEPTEMBER 9, 2022

9 | Software supply chain security in the spotlight. Guidance for evaluating IoT security tools. Increasing diversity in cybersecurity. Another look at the major cloud security threats. government stresses software supply chain security. government. . government. . Secure composition analysis.

Security 52

Security IoT Open Source Linux 52

Tenable

AUGUST 18, 2023

The Center for Internet Security unpacks how to establish foundational cyber hygiene at a reasonable cost. Plus, the Cyber Safety Review Board issues urgent security recommendations on its Lapsus$ report – and announces it’ll next delve into cloud security. government officials’ inboxes. government officials’ inboxes.

Software Review 52

Software Review Technical Review Artificial Inteligence How To 52

Tenable

NOVEMBER 11, 2022

Get the latest on staffing challenges; nation-state assaults on critical infrastructure; supply chain security tips; ransomware weak links; Kubernetes security; and more! . 1 - Cybersecurity budgets rise, but hiring remains a challenge. Cybersecurity budget breakdown and best practices ” (TechTarget). “ and Canada.

Budget 52

Budget Software Review Weak Development Team Small Business 52

Tenable

APRIL 5, 2024

government issues a comprehensive AI usage policy for federal agencies. 1 - CSRB on 2023 Microsoft cloud breach: It was preventable With basic security practices in place, Microsoft could have prevented last year’s Exchange Online breach in which Storm-0558, a hacking group affiliated with the Chinese government, stole emails from U.S.

Technical Review 55

Technical Review Systems Review Software Review Policies 55

InfoBest

MAY 25, 2023

In today’s digital landscape, where cyber threats are on the rise, ensuring robust cybersecurity measures in custom software development projects is more important than ever. Why is Cybersecurity Important in Software Development? Maintaining Trust Cybersecurity is critical to maintaining user trust.

Software Development 52

Software Development Software Review Weak Development Team Software 52

Tenable

JUNE 23, 2023

That’s why a recent IANS Research blog post about building an incident response process for ransomware caught our eye. and Australian Agencies Publish Joint Cybersecurity Advisory on BianLian Ransomware Group ” (blog) 3 – Guidance on high-risk and emergency access to cloud services The U.K.’s

Cloud 53

Cloud Systems Review Data Disaster Recovery 53

Tenable

DECEMBER 6, 2023

Tenable Research has published two blogs on CitrixBleed, our initial analysis of the vulnerability as well as a Frequently Asked Questions (FAQ) blog providing added context surrounding the in-the-wild exploitation by threat actors including multiple ransomware groups. ransomware group in their exploitation of CitrixBleed.

Systems Review 74

Systems Review Authentication Analysis Malware 74

Tenable

AUGUST 5, 2022

That’s the bad news the Cybersecurity and Infrastructure Security Agency’s Cyber Safety Review Board delivered in a recent report. Drive best practices for security hygiene, such as automated vulnerability management, asset inventorying and vulnerability mitigation, as well as secure software development practices.

Development Team Review 52

Development Team Review Software Review Systems Review Technical Review 52

Tenable

APRIL 20, 2021

Threat actors are leveraging a zero-day vulnerability in Pulse Connect Secure, for which there is no immediate patch scheduled for release. On April 20, Pulse Secure, which was acquired by Ivanti last year, published an out-of-cycle security advisory (SA44784) regarding a zero-day vulnerability in the Pulse Connect Secure SSL VPN appliance.

Authentication 134

Authentication Malware Research Government 134

Tenable

JULY 25, 2023

CVE Description CVSSv3 Severity CVE-2023-35078 Ivanti Endpoint Manager Mobile (EPMM) Authentication Bypass Vulnerability 10.0 Analysis CVE-2023-35078 is an authentication bypass vulnerability in Ivanti’s EPMM. Tenable was provided access to the support article and our blog post reflects what we currently know about this vulnerability.

Mobile 98

Mobile Knowledge Base Authentication Government 98

Ivanti

JULY 26, 2021

As you may have heard, Ivanti was selected by the National Institute of Standards and Technology’s (NIST’s) National Cybersecurity Center of Excellence (NCCoE) to participate as a collaborator in its Implementing a Zero Trust Architecture project. Zero trust flips traditional “trust but verify” security strategies on its head.

Government 98

Government Architecture Network Compliance 98

AWS Machine Learning - AI

JANUARY 26, 2024

Many customers are looking for guidance on how to manage security, privacy, and compliance as they develop generative AI applications. We first delve into the vulnerabilities, threats, and risks that arise from the implementation, deployment, and use of LLM solutions, and provide guidance on how to start innovating with security in mind.

Artificial Inteligence 115

Artificial Inteligence Generative AI Security Applications 115